Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10A3CEFE21B111F0B26B4DDDDAE4EC9C.roa
File: 10A3CEFE21B111F0B26B4DDDDAE4EC9C.roa (raw, json)
Hash identifier: Itkz9yqR62A3LNPpi9IRuFsJJB5Hwtt9R/Sdi+/5kpI=
Subject key identifier: 4E:17:56:24:7E:E3:91:1D:46:5E:96:13:68:82:FE:A7:2F:52:0B:1F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017AFD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10A3CEFE21B111F0B26B4DDDDAE4EC9C.roa
Signing time: Fri 25 Apr 2025 08:41:23 +0000
ROA not before: Fri 25 Apr 2025 08:41:18 +0000
ROA not after: Wed 04 Jun 2025 08:41:18 +0000
asID: 271956
IP address blocks: 154.88.190.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 30 Apr 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97021 (0x17afd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 25 08:41:18 2025 GMT
Not After : Jun 4 08:41:18 2025 GMT
Subject: CN=680b4ab2-a600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2f:4b:9b:34:19:0f:7d:aa:3d:54:bc:07:81:
7e:1c:e4:4b:c7:42:23:b8:82:96:82:76:ef:e6:eb:
ea:29:6b:0c:ae:f1:c4:ef:09:f8:53:ac:a8:7e:6b:
ec:12:eb:88:2c:31:d9:c0:27:c9:8e:17:ac:0d:3f:
89:c4:79:68:48:32:e3:b6:a1:bb:bf:98:e1:44:74:
6e:85:0b:82:c7:65:1e:3f:86:15:c5:9c:a1:b4:ce:
cf:f6:3e:50:96:dd:ee:e7:1b:1a:b5:2b:a4:e4:05:
99:5e:b8:b4:1d:b7:38:e9:96:b0:77:15:f9:cb:7f:
f8:13:ab:29:8f:e0:8a:3a:8b:f0:33:1a:7c:b6:90:
98:20:6e:8f:35:88:c9:6e:f0:fc:4a:a2:c9:1e:86:
7e:53:5e:67:d6:bd:80:de:76:e9:d3:c2:12:29:c7:
cd:f9:a2:dc:cc:b7:7c:08:4d:a7:b6:40:d2:db:6a:
a2:2e:80:80:3c:d0:c0:b8:3a:26:76:ac:db:81:ff:
0f:84:00:75:d2:28:23:46:d1:2d:87:0a:9e:99:44:
6f:92:de:61:e4:bf:81:9b:40:2f:b1:5f:64:d7:2c:
ae:86:90:98:d5:54:ee:79:e2:11:d1:15:b1:7a:90:
21:ef:75:15:cf:cb:a2:39:da:c2:4a:69:9f:85:a9:
b4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:17:56:24:7E:E3:91:1D:46:5E:96:13:68:82:FE:A7:2F:52:0B:1F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10A3CEFE21B111F0B26B4DDDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.190.0/23
Signature Algorithm: sha256WithRSAEncryption
c1:02:5e:61:78:ec:9b:9b:b9:4c:b3:3a:77:2a:5c:ad:c7:77:
6b:ed:96:b5:97:2a:e5:bf:37:1d:ba:25:c8:e0:a9:25:1c:be:
b3:0f:64:5a:e5:bf:38:ab:61:51:72:40:49:d7:e3:7f:97:7c:
c5:ce:96:d3:71:89:1d:33:73:49:b4:96:2a:1d:94:14:d8:8f:
96:9f:ef:a5:66:ed:d5:8d:4c:ae:f9:9e:18:67:0b:cb:10:ee:
92:da:34:7a:d9:ac:db:e6:7e:84:6f:20:e4:7e:ac:bb:fd:44:
a5:e2:b7:b5:c6:04:cd:f6:c8:47:5f:6d:cb:a2:90:6c:a9:a2:
9b:fe:5e:9d:95:4e:9e:b5:b0:8d:5f:7c:8b:76:2d:24:21:c9:
99:d3:8d:18:b7:15:cc:9d:71:43:ae:e5:71:3c:97:0b:d1:ee:
0c:12:83:ef:95:eb:1e:02:60:f5:9a:cd:0e:49:d0:33:b2:ae:
91:5f:4d:e0:63:c9:e8:99:10:e9:af:12:5c:f9:c2:c8:07:16:
a3:0f:8e:36:7a:78:0e:db:02:7d:bb:bd:cd:c2:7b:2d:55:e0:
e7:f8:12:c3:7d:28:c6:98:ec:89:97:6a:ad:21:82:51:27:81:
42:ef:62:f1:97:1d:3a:42:74:55:e4:e9:0d:d5:1d:f6:64:cd:
3b:54:b5:36
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXr9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI1MDg0MTE4WhcNMjUwNjA0MDg0MTE4WjAYMRYw
FAYDVQQDEw02ODBiNGFiMi1hNjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyS9LmzQZD32qPVS8B4F+HORLx0IjuIKWgnbv5uvqKWsMrvHE7wn4U6yo
fmvsEuuILDHZwCfJjhesDT+JxHloSDLjtqG7v5jhRHRuhQuCx2UeP4YVxZyhtM7P
9j5Qlt3u5xsatSuk5AWZXri0Hbc46ZawdxX5y3/4E6spj+CKOovwMxp8tpCYIG6P
NYjJbvD8SqLJHoZ+U15n1r2A3nbp08ISKcfN+aLczLd8CE2ntkDS22qiLoCAPNDA
uDomdqzbgf8PhAB10igjRtEthwqemURvkt5h5L+Bm0AvsV9k1yyuhpCY1VTueeIR
0RWxepAh73UVz8uiOdrCSmmfham0QwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE4X
ViR+45EdRl6WE2iC/qcvUgsfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMEEzQ0VGRTIxQjExMUYwQjI2QjREREREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmli+MA0GCSqGSIb3DQEB
CwUAA4IBAQDBAl5heOybm7lMszp3Klytx3dr7Za1lyrlvzcduiXI4KklHL6zD2Ra
5b84q2FRckBJ1+N/l3zFzpbTcYkdM3NJtJYqHZQU2I+Wn++lZu3VjUyu+Z4YZwvL
EO6S2jR62azb5n6EbyDkfqy7/USl4re1xgTN9shHX23LopBsqaKb/l6dlU6etbCN
X3yLdi0kIcmZ040YtxXMnXFDruVxPJcL0e4MEoPvleseAmD1ms0OSdAzsq6RX03g
Y8nomRDprxJc+cLIBxajD442engO2wJ9u73NwnstVeDn+BLDfSjGmOyJl2qtIYJR
J4FC72Lxlx06QnRV5OkN1R32ZM07VLU2
-----END CERTIFICATE-----
Generated at Mon Apr 28 04:44:27 2025 by rpki-client